Multiple gnubiff bugs Published: 06.09.2004 Source: SECUNIA SecurityVulns ID: 3979 Type: remote Level: 5/10 Description: Buffer overflow and DoS in POP3 implementation. Affected: GNUBIFF : gnubiff 2.0 Original document SECUNIA , [SA12445] gnubiff POP3 Buffer Overflow and Denial of Service Vulnerabilities (06.09.2004 )
Ruby symbolic links problem Published: 06.09.2004 Source: BUGTRAQ SecurityVulns ID: 3981 Type: library Level: 5/10 Description: CGI::Session unsecurely creates temporary file. Affected: RUBY : Ruby 1.6 RUBY : Ruby 1.8 Original document GENTOO , [ GLSA 200409-08 ] Ruby: CGI::Session creates files insecurely (06.09.2004 )
Solaris in.named DoS Published: 06.09.2004 Source: SECUNIA SecurityVulns ID: 3983 Type: remote Level: 6/10 Description: DoS during dynamic update handling. Affected: SUN : Solaris 8 Original document SECUNIA , [SA12470] Sun Solaris in.named Dynamic Update Denial of Service Vulnerability (06.09.2004 )
OpenCA crossite scripting Published: 06.09.2004 Source: BUGTRAQ SecurityVulns ID: 3984 Type: remote Level: 5/10 Affected: OPENCA : OpenCA 0.9 Original document Martin Bartosch , OpenCA Security Advisory: Cross Site Scripting vulnerability (06.09.2004 )
Dynalink routers backdoor account Published: 06.09.2004 Source: BUGTRAQ SecurityVulns ID: 3978 Type: remote Level: 5/10 Description: Built in account userNotUsed with userNotU password Affected: DYNALINK : RTA 230 Original document fabio , Dynalink routers backdoor? (06.09.2004 )
Multiple Microsoft Internet Explorer crossite scripting bugs Published: 06.09.2004 Source: BUGTRAQ SecurityVulns ID: 3833 Type: client Level: 8/10 Description: Same name function redirection crossite scripting, ADODB.Stream vulnerability variant (Shell.Application), mouse click hijacking with Popup.show(), Media Preview crossite scripting, drag-n-drop files to shell:Startup. Affected: MICROSOFT : Internet Explorer 5.5 MICROSOFT : Internet Explorer 6.0 Original document Thor Larholm , FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities (06.09.2004 ) Paul , MSIE Overly Trusted Location Variant Method Cache Vulnerability (19.07.2004 ) Ferruh Mavituna , IE Shell URI Download and Execute, POC (14.07.2004 ) Paul , Media Preview Script Execution Vulnerability (13.07.2004 ) jelmer , Re: [Full-Disclosure] THE VULNERABILITY STILL WORKS AFTER TODAY'S PATCH (13.07.2004 ) Paul , MSOE Javascript Execution Vulnerability (13.07.2004 ) Paul , MSIE Similar Method Name Redirection Cross Site/Zone Scripting Vulnerability (13.07.2004 ) Paul , HijackClick 3 (13.07.2004 )
Engenio/LSI Logic Storage controllers DoS Published: 07.09.2004 Source: BUGTRAQ SecurityVulns ID: 3982 Type: remote Level: 6/10 Description: Malcrafted TCP packet cause device to crash. Affected: IBM : FastT 100 STORAGETEK : Storagetek D280 BROCADE : Silkworm 2800 BROCADE : Silkworm 3200 BROCADE : Silkworm 3800 IBM : TotalStorage DS4100 Original document Jedi/Sector One , Denial of service in Brocade switches (was: Engenio/LSI Logic controllers denial of service/data corruption) (07.09.2004 ) Jedi/Sector One , Engenio/LSI Logic controllers denial of service/data corruption (06.09.2004 )
CGI bugs Published: 19.09.2004 Source: SecurityVulns ID: 3980 Type: remote Level: 5/10 Affected: PHPBB : phpBB 2.02 VBULLETIN : vBulletin 3.0 MAMBOSERVER : Mambo Server 4.5 PHPNUKE : PHP-Nuke 7.4 TUTTINOVA : Tutti Nova YABBSE : YaBB SE 1.5 EZ : eZphotoshare 1.2 EZ : eZphotoshare 3.4 PSNEWS : PsNews 1.1 BBS2000 : BBS E-Market Professional 1.3 FOCALMEDIA : Turbo Seek POSTNUKE : Subjects 2.0 MERAK : Merak Mail Server 7.5 ICEWARP : IceWarp Web Mail 5.2 PERLDESK : PerlDesk SNIPSNAP : SnipSnap 0.5 SNITZ : Snitz Forums 2000 3.4 Original document Jon Koffe , exploit in PHPBB 2010 (19.09.2004 ) khoaimi , Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. (18.09.2004 ) Maestro De-Seguridad , ADVISORY: security hole (http response splitting) in snitz forums 2000 (17.09.2004 ) Maestro De-Seguridad , ADVISORY: http response splitting in snipsnap (15.09.2004 ) bima tampan , [XSS]/SQL Injection PHP-Nuke Edit/Save Message(s) Bug (15.09.2004 ) SSR Team , [Full-Disclosure] STG Security Advisory: [SSA-20040915-07] BBS E-Market Professional multiple vulnerabilities (15.09.2004 ) SECURITEAM , [UNIX] vBulletin SQL Injection While Verifying Subscription Information (14.09.2004 ) Nikyt0x Argentina , Posible Inclusion File in Perl Desk (14.09.2004 ) ShineShadow , Multiple vulnerabilities in Icewarp Web Mail 5.2.7 (11.09.2004 ) Criolabs , SQL-Injection in Subjects 2.0 for Postnuke (11.09.2004 ) durito , Просмотр файлов в Search Engine & Directory Powered by Turbo Seek от FocalMedia.Net (10.09.2004 ) ahmad muammar , Multiple vulnerabilities 1n BBS E-Market Professional (10.09.2004 ) bima tampan , [XSS]/SQL Injection PHP-Nuke Delete Message(s) Bug (09.09.2004 ) Michal Blaszczak , Bug XSS in PsNews 1.1 (08.09.2004 ) Pierquinto Manco , PHP-Nuke 7.4 Multiple XSS Vulnerabilities Patch (08.09.2004 ) Pierquinto Manco , Good Patch to Multiple [XSS] Vulnerabilities in PHP-Nuke 7.4 (08.09.2004 ) Pierquinto Manco , [XSS] PHP-Nuke 7.4 AddMsg Bug (08.09.2004 ) Pierquinto Manco , [XSS] PHP-Nuke 7.4 Newsletter Injection Bug (08.09.2004 ) SECUNIA , [SA12460] eZ / eZphotoshare Multiple Connection Denial of Service Vulnerability (06.09.2004 ) ahmad muammar , FUll Path Disclosure in YABBSE (06.09.2004 ) Pierquinto Manco , [XSS] PHP-Nuke 7.4 DelAdmin Bug (06.09.2004 ) Pierquinto Manco , [XSS] PHP-Nuke 7.4 ViewAdmin Bug (06.09.2004 ) SECUNIA , [SA12467] Tutti Nova Unspecified Vulnerabilities (06.09.2004 )
